Sharing of Medical Info and Medical Images

The idea of sharing medical information – electronic medical records and medical images, in particular – between healthcare providers and patients – is intriguing. However, there are many, many barriers to sharing being adopted widely. Here are just a few.

1) There is no business model. Where will the medical data and images be stored? Who will pay for it? Many states have setup Health Information Exchanges (HIEs). These are largely subsidized by the federal government. Now that the money is running out we see states shutting down their HIEs. There is no business model in place to sustain them.

Medical images can be more complex to manage than simply text oriented healthcare data. Storage costs will be greater. Transmission of large medical images is more costly. Who will pick up the cost?

2) There are no established companies addressing image sharing. Newcomers such as LifeImage, DicomGrid, DELL, and others are not developing healthcare provider to patient image sharing. These companies sell technology to imaging providers to help them manage images and share images among themselves. Radiologists and other imaging providers are willing to pay for these services.

The Radiology Society of North America (RSNA), a radiology trade group, has tried to address image sharing. They provide free (open source) image sharing software for radiologists in the form of a software package called EdgeServer. This software, however, was initially designed with the goal of moving images from one radiology department to another – and not for sharing with patients.

NIH has agreed to fund EdgeServer for a few years. Beyond that, they offer no promises. Some of the newcomers (mentioned above) have agreed to store images on behalf of patients. But with the history of HIEs, do we really believe one’s images will be available into the distant future?

3) Lack of understanding of HIPAA and privacy will delay the ability of patients to capture and store their data in a meaningful (electonic) way. Few healthcare providers understand HIPAA and privacy. Providing healthcare data to a patient scares the boots off of many hospital administrators. Many administrators will not allow private healthcare information (PHI) to be transferred offsite. These same administrators don’t understand that HIPAA also requires them to supply a patient’s data upon request.

In particular, the difference between an electronic medical record (EMR) and personal healthcare record (PHR) is lacking. PHRs are not regulated by HIPAA because PHRs store information on behalf of the patient. Until PHRs are in wide adoption and thus understood, patients will have difficulty storing their records in a way that they can easily work with.

4) Implementation is complex and costly. Look at the technologies proposed by various groups involved in establishing “standards” of exchange for medical data and medical images. These include: XDS, HL7, CDA, Direct, etc. Old technologies. Overly complex.

Let’s look at the Blue Button initiative, for example. Blue Button is the government’s push to provide patients with their medical records easily and electronically. The idea is that a patient downloads their entire medical record by clicking a “blue button” from their healthcare provider’s patient portal (web site).

Great idea and it sounds easy to use. But, the implementation is bad. On the surface, one can envision visiting their hospital’s web site, logging in, and clicking the blue button to download a file with all their medical records. As currently designed, it won’t work that way. Instead, the medical records are emailed to the patient using “Direct” technology. Direct is a special type of email with specific safeguards for privacy and security. Problems with this are numerous. Here are a few:

a) There are few companies that can implement such technology and those would only be some of the biggest companies out there. Hence small companies are locked out and innovation is stifled.

b) A special “direct” email account is required by the consumer. It is unlikely that consumers would use a special email account just to capture their healthcare records.

c) Should a consumer actually use a Direct email account, they will likely pull out the data files and store them on their hard drive, which circumvents the security and privacy protections of Direct.

5) Transparency in cost and services is complex. Wouldn’t it be great to have a Yelp for healthcare and medical imaging. Go to a site, research doctors, look at reviews, and make a selection. There are sites that try to do this. But how valid are the reviews? Reports claim that 20% of reviews on Yelp are fraudulent. How are reviews validated?

I strongly believe the fix to healthcare has to come from the consumer side. Right now their are to many obstacles in place to let this happen naturally. Regulations, use of old technology, and lack of business model are just some of the roadblocks.

Re: ‘old technology’ – have you looked at the HL7 FHIR standard (http://www.hl7.org/fhir) ? One can hardly claim that’s old technology.

However nice, technology won’t solve the issue – having a business case and/or a legal framework will be necessary, Consumers are unwilling to pay for their own information, so a legal framework will be necessary. Write your congressman, but don’t hold your breath in the meantime.